Patrick-Dussault

Tech Tip : CA Single Sign-On : Running AdminUI, when trying to import a simple certificate, AdminUI reports an error

Discussion created by Patrick-Dussault Employee on Apr 23, 2019

Issue:

 

We're running running an AdminUI, when we try to import a simple
certificate, AdminUI reports an error :

 

Error: System error while attempting to import: One or more
exceptions trying to commit keystore changes. Please consult the logs.

 

Cause:

 

Looking at the CDS log and the AdminUI log, we see that already a
certificate with the same subject exists :

 

cds.log

 

[Apr 23 2019 10:23:02,060] CertificateDataStore [ERROR]
CertificateDataStoreImpl.addCertificateToDB(): The certificate
already exists in the Certificate Data Store with alias
"my_test_sign". Cert Subject:
CN=mytest,O=sign,ST=myState,C=myCountry Cert Serial Number: 00

 

server.log

 

2019-04-23 10:23:02,060 [ERROR] 

com.ca.fedpki.api.remote.FedPkiKeyStore [] - **ERROR**
java.security.cert.CertificateException commiting keystore change for
alias my_test_sign_new.
java.security.cert.CertificateException: Could
not add certificate 'my_test_sign_new' (check logs for reason)

Resolution:

 

In the AdminUI, remove the old certificate. Then add the new
certificate.

 

KB : KB000131227

Outcomes